Index: [thread] [date] [author] [stats]

  From: markus schnalke <meillo@marmaro.de>
  To  : <masqmail@marmaro.de>
  Date: Tue, 26 May 2009 18:56:41 +0200

Re: [masqmail] Error: unexpected response from TLS/SSL wrapper

[2009-05-26 13:02] Grzegorz Adamiak <gadamiak@docucollab.com>
> --- markus schnalke [2009-05-20 09:20]:
> >
> >If I run the command without the redirect, I get:
> >
> >	$ /usr/bin/openssl s client -connect smtp.gmail.com:587 -starttls
> >	smtp -quiet -CApath /etc/ssl/certs/ 
> >	26123:error:140770FC:SSL routines:SSL23 GET SERVER HELLO:unknown
> >	protocol:s23 clnt.c:567:
> 
> Actually, the above output is produced when "-starttls smpt" is not 
> used. I guess this is due to a non-standard SMTP port being used. With 
> "-starttls smtp" I get server certificate verification messages (the 
> "depth=…" part) followed by 250 code:

I was not able to reproduce this output. If I add ``-startls smtp'' I
still get the error I mention above. Can you please post the command
you run.


> 	depth=1 /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting 
> cc/OU=Certification Services Division/CN=Thawte Premium Server 
> CA/emailAddress=premium-server@thawte.com
> 	verify return:1
> 	depth=0 /C=US/ST=California/L=Mountain View/O=Google 
> 	Inc/CN=smtp.gmail.com
> 	verify return:1
> 	250 PIPELINING
> 
> The connection is established and can be tested with EHLO command:
> 
> 	250 PIPELINING
> 	ehlo
> 	250-mx.google.com at your service, [85.221.159.2]
> 	250-SIZE 35651584
> 	250-8BITMIME
> 	250-AUTH LOGIN PLAIN
> 	250-ENHANCEDSTATUSCODES
> 	250 PIPELINING

If you get this output, then it should work if you now only add the
stderr redirect (2>/dev/null), which removes the ``depth=...'' lines.

Does it?


> >It seems as if you probably want to connect to port 465:
> >
> >	$ /usr/bin/openssl s client -quiet -connect smtp.gmail.com:465
> >	2>/dev/null
> >	220 mx.google.com ESMTP j10sm2177046mue.11
> >
> >I hope this solves your problem.
> 
> It did. I took the 587 port from my account configuration and haven't 
> even thought about trying standard ports. Anyway, it works now. Thanks 
> for help.

Great! :-)


meillo

signature.asc

Index: [thread] [date] [author] [stats]